* @license MIT */ namespace Database\Seeders; use Illuminate\Database\Seeder; use Pterodactyl\Addons\AdvancedAdmin\Models\Role; use Pterodactyl\Addons\AdvancedAdmin\Models\RolePermission; class DefaultRolesSeeder extends Seeder { private const ROLES = [ [ 'name' => 'Owner', 'description' => 'Full server access — assigned to the server owner', 'color' => '#f59e0b', 'priority' => 100, 'is_default' => false, 'permissions' => [ 'control.console' => 'allow', 'control.start' => 'allow', 'control.stop' => 'allow', 'control.restart' => 'allow', 'file.read' => 'allow', 'file.read-content' => 'allow', 'file.create' => 'allow', 'file.update' => 'allow', 'file.delete' => 'allow', 'file.archive' => 'allow', 'file.sftp' => 'allow', 'backup.read' => 'allow', 'backup.create' => 'allow', 'backup.delete' => 'allow', 'backup.download' => 'allow', 'backup.restore' => 'allow', 'allocation.read' => 'allow', 'allocation.create' => 'allow', 'allocation.update' => 'allow', 'allocation.delete' => 'allow', 'startup.read' => 'allow', 'startup.update' => 'allow', 'startup.docker-image' => 'allow', 'database.read' => 'allow', 'database.create' => 'allow', 'database.update' => 'allow', 'database.delete' => 'allow', 'database.view-password' => 'allow', 'schedule.read' => 'allow', 'schedule.create' => 'allow', 'schedule.update' => 'allow', 'schedule.delete' => 'allow', 'settings.read' => 'allow', 'settings.rename' => 'allow', 'settings.reinstall' => 'allow', 'user.read' => 'allow', 'user.create' => 'allow', 'user.update' => 'allow', 'user.delete' => 'allow', 'activity.read' => 'allow', 'websocket.connect' => 'allow', ], ], [ 'name' => 'Administrator', 'description' => 'High-privilege access — can manage files, users, databases', 'color' => '#ef4444', 'priority' => 80, 'is_default' => false, 'permissions' => [ 'control.console' => 'allow', 'control.start' => 'allow', 'control.stop' => 'allow', 'control.restart' => 'allow', 'file.read' => 'allow', 'file.read-content' => 'allow', 'file.create' => 'allow', 'file.update' => 'allow', 'file.delete' => 'allow', 'file.archive' => 'allow', 'file.sftp' => 'allow', 'backup.read' => 'allow', 'backup.create' => 'allow', 'backup.delete' => 'allow', 'backup.download' => 'allow', 'backup.restore' => 'allow', 'database.read' => 'allow', 'database.create' => 'allow', 'database.update' => 'allow', 'database.delete' => 'allow', 'database.view-password' => 'allow', 'schedule.read' => 'allow', 'schedule.create' => 'allow', 'schedule.update' => 'allow', 'schedule.delete' => 'allow', 'settings.read' => 'allow', 'user.read' => 'allow', 'user.create' => 'allow', 'user.update' => 'allow', 'activity.read' => 'allow', 'websocket.connect' => 'allow', ], ], [ 'name' => 'Moderator', 'description' => 'Console access, read files, manage schedules', 'color' => '#3b82f6', 'priority' => 50, 'is_default' => false, 'permissions' => [ 'control.console' => 'allow', 'control.start' => 'allow', 'control.stop' => 'allow', 'control.restart' => 'allow', 'file.read' => 'allow', 'file.read-content' => 'allow', 'backup.read' => 'allow', 'backup.create' => 'allow', 'schedule.read' => 'allow', 'schedule.create' => 'allow', 'schedule.update' => 'allow', 'settings.read' => 'allow', 'activity.read' => 'allow', 'websocket.connect' => 'allow', ], ], [ 'name' => 'Viewer', 'description' => 'Read-only access — can view console and files', 'color' => '#6b7280', 'priority' => 10, 'is_default' => true, 'permissions' => [ 'control.console' => 'allow', 'file.read' => 'allow', 'file.read-content' => 'allow', 'backup.read' => 'allow', 'schedule.read' => 'allow', 'settings.read' => 'allow', 'activity.read' => 'allow', 'websocket.connect' => 'allow', ], ], ]; public function run(): void { foreach (self::ROLES as $roleData) { if (Role::where('name', $roleData['name'])->exists()) continue; $role = Role::create([ 'name' => $roleData['name'], 'description' => $roleData['description'], 'color' => $roleData['color'], 'priority' => $roleData['priority'], 'is_default' => $roleData['is_default'], 'created_by' => null, ]); foreach ($roleData['permissions'] as $perm => $value) { RolePermission::create([ 'role_id' => $role->id, 'permission' => $perm, 'value' => $value, ]); } $this->command->info("Created default role: {$roleData['name']}"); } } }